CVE-2021-28847

MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
mobatekmobaxterm
𝑥
< 21.0
𝑥
= Vulnerable software versions
References
https://mobaxterm.mobatek.net/download-home-edition.html
https://mobaxterm.mobatek.net/preview.html
https://mobaxterm.mobatek.net/download-home-edition.html
https://mobaxterm.mobatek.net/preview.html